RepEL: A Utility-Preserving Privacy System for IoT-Based Energy Meters

Modern Internet of Things (IoT) applications transmit sensor data to the cloud where it is subjected to analytics to provide useful services to users. Unfortunately, IoT sensor data often embeds sensitive private information that is vulnerable to leakage when sent to the cloud. Prior work on preserving IoT data privacy, particularly in the energy domain, focuses on obfuscating data to prevent extraction of private information. However, unless done carefully, data obfuscation significantly reduces the ability to extract useful but non-private information from the data. As a result, these existing techniques also reduce much of the utility derived from deploying IoT devices. In this paper, we address this problem by designing RepEL, a new utility-preserving privacy technique, which intelligently obfuscates smart energy meter data to prevent leaking a home's private occupancy information, while retaining the ability to perform useful energy disaggregation analytics. To preserve energy data's utility, our approach creates a randomized permutation of actual device usage via load replay while suppressing private user behavior information (such as occupancy) in the original data. We implement our algorithm on an embedded gateway node to demonstrate its feasibility and empirically evaluate our approach using real energy traces from homes. Our results show that the privacy leak rate for nearly two-thirds of the homes is below 10%, with four homes having no privacy leak. At the same time, the change in device usage for these homes is less than 3%. Further, we also demonstrate that RepEL has the flexibility to randomly replay loads, which can prevent adversaries from inferring behavioral patterns from device usage or use the information to determine occupancy.